@dwp/govuk-casa 8.0.2 → 8.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +9 -0
- package/dist/middleware/post.js +1 -1
- package/dist/middleware/pre.js +10 -2
- package/package.json +14 -14
package/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,15 @@
|
|
|
2
2
|
|
|
3
3
|
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
|
|
4
4
|
|
|
5
|
+
### [8.0.3](https://github.com/dwp/govuk-casa/compare/8.0.2...8.0.3) (2022-02-04)
|
|
6
|
+
|
|
7
|
+
|
|
8
|
+
### Bug Fixes
|
|
9
|
+
|
|
10
|
+
* add google analytics to default CSP ([6408140](https://github.com/dwp/govuk-casa/commit/6408140501c124221219def66094af9121935a1e))
|
|
11
|
+
* correct typo ([56e0c8d](https://github.com/dwp/govuk-casa/commit/56e0c8d5e1ae8843c4f309ddf5cb8299faf7aaa4))
|
|
12
|
+
* set 404 status code on 404 page render response ([2296a9d](https://github.com/dwp/govuk-casa/commit/2296a9dc01ae8aa00d5cb28c71e5ae718e782386))
|
|
13
|
+
|
|
5
14
|
### [8.0.2](https://github.com/dwp/govuk-casa/compare/8.0.1...8.0.2) (2022-01-14)
|
|
6
15
|
|
|
7
16
|
### [8.0.1](https://github.com/dwp/govuk-casa/compare/8.0.0...8.0.1) (2022-01-12)
|
package/dist/middleware/post.js
CHANGED
|
@@ -9,7 +9,7 @@ const log = (0, logger_js_1.default)('middleware:post');
|
|
|
9
9
|
function postMiddleware({ mountUrl, }) {
|
|
10
10
|
return [
|
|
11
11
|
(req, res) => {
|
|
12
|
-
res.render('casa/errors/404.njk');
|
|
12
|
+
res.status(404).render('casa/errors/404.njk');
|
|
13
13
|
},
|
|
14
14
|
/* eslint-disable-next-line no-unused-vars */
|
|
15
15
|
(err, req, res, next) => {
|
package/dist/middleware/pre.js
CHANGED
|
@@ -5,6 +5,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
6
|
const crypto_1 = require("crypto");
|
|
7
7
|
const helmet_1 = __importDefault(require("helmet"));
|
|
8
|
+
const GA_DOMAIN = 'www.google-analytics.com';
|
|
9
|
+
const GTM_DOMAIN = 'www.googletagmanager.com';
|
|
8
10
|
exports.default = () => [
|
|
9
11
|
// Only allow certain request methods
|
|
10
12
|
(req, res, next) => {
|
|
@@ -40,9 +42,15 @@ exports.default = () => [
|
|
|
40
42
|
contentSecurityPolicy: {
|
|
41
43
|
useDefaults: true,
|
|
42
44
|
directives: {
|
|
43
|
-
'
|
|
44
|
-
'
|
|
45
|
+
'default-src': ["'none'"],
|
|
46
|
+
'script-src': ["'self'", GA_DOMAIN, GTM_DOMAIN, (req, res) => `'nonce-${res.locals.cspNonce}'`],
|
|
47
|
+
'img-src': ["'self'", GA_DOMAIN],
|
|
48
|
+
'connect-src': ["'self'", GA_DOMAIN],
|
|
49
|
+
'frame-src': ["'self'", GTM_DOMAIN],
|
|
50
|
+
'frame-ancestors': ["'self'"],
|
|
45
51
|
'form-action': ["'self'"],
|
|
52
|
+
'style-src': ["'self'", (req, res) => `'nonce-${res.locals.cspNonce}'`],
|
|
53
|
+
'font-src': ["'self'"],
|
|
46
54
|
},
|
|
47
55
|
},
|
|
48
56
|
// // Require referrer to aid navigation
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@dwp/govuk-casa",
|
|
3
|
-
"version": "8.0.
|
|
3
|
+
"version": "8.0.3",
|
|
4
4
|
"description": "A framework for building GOVUK Collect-And-Submit-Applications",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
@@ -49,8 +49,8 @@
|
|
|
49
49
|
"express-session": "1.17.2",
|
|
50
50
|
"govuk-frontend": "4.0.0",
|
|
51
51
|
"graphlib": "2.1.8",
|
|
52
|
-
"helmet": "5.0.
|
|
53
|
-
"i18next": "21.6.
|
|
52
|
+
"helmet": "5.0.2",
|
|
53
|
+
"i18next": "21.6.10",
|
|
54
54
|
"i18next-http-middleware": "3.1.5",
|
|
55
55
|
"js-yaml": "4.1.0",
|
|
56
56
|
"lodash": "4.17.21",
|
|
@@ -60,33 +60,33 @@
|
|
|
60
60
|
"validator": "13.7.0"
|
|
61
61
|
},
|
|
62
62
|
"devDependencies": {
|
|
63
|
-
"@babel/core": "7.16.
|
|
63
|
+
"@babel/core": "7.16.12",
|
|
64
64
|
"@babel/eslint-parser": "7.16.5",
|
|
65
|
-
"@babel/preset-env": "7.16.
|
|
65
|
+
"@babel/preset-env": "7.16.11",
|
|
66
66
|
"@commitlint/config-conventional": "16.0.0",
|
|
67
|
-
"@dwp/casa-spiderplan": "2.
|
|
67
|
+
"@dwp/casa-spiderplan": "2.3.0",
|
|
68
68
|
"@dwp/casa-spiderplan-a11y-plugin": "0.1.3",
|
|
69
69
|
"@dwp/casa-spiderplan-zap-plugin": "0.1.1",
|
|
70
70
|
"@dwp/eslint-config-base": "6.0.0",
|
|
71
71
|
"@types/express": "4.17.13",
|
|
72
|
-
"@types/node": "17.0.
|
|
72
|
+
"@types/node": "17.0.12",
|
|
73
73
|
"@types/nunjucks": "3.2.1",
|
|
74
74
|
"babel-eslint": "10.1.0",
|
|
75
75
|
"c8": "7.11.0",
|
|
76
|
-
"chai": "4.3.
|
|
77
|
-
"commitlint": "16.0
|
|
78
|
-
"eslint": "8.
|
|
76
|
+
"chai": "4.3.6",
|
|
77
|
+
"commitlint": "16.1.0",
|
|
78
|
+
"eslint": "8.7.0",
|
|
79
79
|
"eslint-plugin-no-unsafe-regex": "1.0.0",
|
|
80
80
|
"eslint-plugin-security": "1.4.0",
|
|
81
81
|
"eslint-plugin-sonarjs": "0.11.0",
|
|
82
82
|
"fast-check": "2.21.0",
|
|
83
83
|
"husky": "7.0.4",
|
|
84
|
-
"mocha": "9.
|
|
85
|
-
"sass": "1.
|
|
84
|
+
"mocha": "9.2.0",
|
|
85
|
+
"sass": "1.49.0",
|
|
86
86
|
"sinon": "12.0.1",
|
|
87
87
|
"sinon-chai": "3.7.0",
|
|
88
88
|
"standard-version": "9.3.2",
|
|
89
|
-
"supertest": "6.2.
|
|
90
|
-
"typescript": "4.5.
|
|
89
|
+
"supertest": "6.2.2",
|
|
90
|
+
"typescript": "4.5.5"
|
|
91
91
|
}
|
|
92
92
|
}
|